package com.jiinfo.controller;

import java.util.List;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;

import com.jfinal.core.ActionKey;
import com.jfinal.plugin.activerecord.Record;
import com.jiinfo.base.BaseController;
import com.jiinfo.config.ConstConfig;
import com.jiinfo.model.Resource;
import com.jiinfo.model.User;
import com.jiinfo.util.StringUtils;

public class IndexController extends BaseController{

	@ActionKey("/manage")
	public void manage_index(){
		Subject subject = SecurityUtils.getSubject();
		if(subject.isAuthenticated()){
			renderJsp("/manage/index.jsp");
		}else{
			renderJsp("/manage/login.jsp");
		}
		
		setAttr("pageTitle", getPageTitle("", "",
				new String[]{"<i class='icon-home'></i>首页"},
				new String[]{"/manage"}));
	}
	
	@ActionKey("/manage/login")
	public void manage_login(){
		
		String username=getPara("username");
		String password=getPara("password");
		String remember=getPara("remember");
		Subject subject = SecurityUtils.getSubject();
		
		System.out.println("----------"+subject.isRemembered());
		if(subject.isRemembered()){
			System.out.println(subject.isRemembered());
		}
		
		UsernamePasswordToken token = new UsernamePasswordToken(username, password,("1".equals(remember)?true:false));
		try {
			
			subject.login(token);
			
			Record user=(Record)subject.getSession().getAttribute(ConstConfig.SESSION_USER);
		    List<Record> menus=Resource.dao.getTreeResourcesByUserId(user.getStr("id"), "menus",true);
		    getSession().setAttribute("menus", menus);
		    
		    if(menus.size()==0){
		    	setAttr("msg", "对不起，您没有权限登录本系统，请联系系统管理员！");
		    	subject.logout();
		    }
		    
		} catch ( UnknownAccountException uae ) {
			setAttr("msg", "账号或密码错误！");
		} catch ( IncorrectCredentialsException ice ) {
			setAttr("msg", "账号或密码错误！");
		} catch ( LockedAccountException lae ) {
			setAttr("msg", "账号或密码错误！");
		} catch ( AuthenticationException ae ) {
			setAttr("msg", "账号或密码错误！");
		} 
		
		if(subject.isAuthenticated()){
			redirect("/manage");
		}else{
			setAttr("username", username);
			//setAttr("password", password);
			renderJsp("/manage/login.jsp");
		}
		
	}
	
	@ActionKey("/manage/login/out")
	public void manage_login_out(){
		
		Subject subject = SecurityUtils.getSubject();
		subject.logout();
		redirect("/manage");
		
	}
	
	@ActionKey("/manage/password/disp")
	public void manage_password_disp(){
		
		setAttr("pageTitle", getPageTitle("密码修改", "",
				new String[]{"<i class='icon-home'></i>首页","密码修改"},
				new String[]{"/manage","/manage/password/disp"}));
		renderJsp("/manage/password.jsp");
	}
	
	@ActionKey("/manage/password/edit")
	public void manage_password_edit(){
		
		String msg=null;
		
		String oldPassword=getPara("oldPassword");
		String newPassword=getPara("newPassword");
		String newPasswordTo=getPara("newPasswordTo");
		
		if(StringUtils.isEmpty(oldPassword)){
			msg="请输入旧密码！";
			renderJsp("/manage/password.jsp");
		}else if(StringUtils.isEmpty(newPassword)){
			msg="请输入新密码！";
			renderJsp("/manage/password.jsp");
		}else if(!newPassword.equals(newPasswordTo)){
			msg="两次输入的密码不一致！";
			renderJsp("/manage/password.jsp");
		}else{
			User user=User.dao.findById(getCurrUser().getStr("id"));
			String password=user.getStr("password");
			if(!password.equals(User.encryptPassword(oldPassword, user.getStr("salt")))){
				msg="旧密码错误,请重新输入！";
				oldPassword=null;
				renderJsp("/manage/password.jsp");
			}else{
				user.set("password", User.encryptPassword(newPassword, user.getStr("salt")));
				user.update();
				redirect("/manage");
			}
			
		}
		
		setAttr("msg", msg);
		setAttr("oldPassword", oldPassword);
		setAttr("newPassword", newPassword);
		setAttr("newPasswordTo", newPasswordTo);
		setAttr("pageTitle", getPageTitle("密码修改", "",
				new String[]{"<i class='icon-home'></i>首页","密码修改"},
				new String[]{"/manage","/manage/password/disp"}));
		
		
	}
	
	@ActionKey("/")
	public void index(){
		renderJsp("/index.jsp");
		
	}
}
